JDK-6516893 : keyStore.load throws a divide by zero error when loading a certificate
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 6
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows_2000
  • CPU: x86
  • Submitted: 2007-01-24
  • Updated: 2011-02-16
  • Resolved: 2007-01-24
Related Reports
Duplicate :  
Description
FULL PRODUCT VERSION :
java version "1.6.0"
Java(TM) SE Runtime Environment (build 1.6.0-b105)
Java HotSpot(TM) Client VM (build 1.6.0-b105, mixed mode, sharing)

ADDITIONAL OS VERSION INFORMATION :
Microsoft Windows 2000 [Version 5.00.2195]

EXTRA RELEVANT SYSTEM CONFIGURATION :
Tested with jdk1.5.0_08 and jdk1.6.0.  Same error occurs with both versions.

A DESCRIPTION OF THE PROBLEM :
Problem occurs when loading any PKCS12 certificate with a zero-length password into a KeyStore.  This has been tested using .pfx and .p12 certificate files.

Here is the error:

Exception in thread "main" java.io.IOException: failed to decrypt safe contents entry: java.lang.ArithmeticException: / by zero
        at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1275)
        at java.security.KeyStore.load(KeyStore.java:1150)
        at CertTest.main(CertTest.java:12)
Caused by: java.lang.ArithmeticException: / by zero
        at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
        at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
        at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
        at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
        at com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40.engineInit(DashoA12275)
        at javax.crypto.Cipher.a(DashoA12275)
        at javax.crypto.Cipher.a(DashoA12275)
        at javax.crypto.Cipher.init(DashoA12275)
        at javax.crypto.Cipher.init(DashoA12275)
        at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1271)
        ... 2 more

See this link for more information on a similar divide by zero error:
http://forum.java.sun.com/thread.jspa?threadID=741710&tstart=165


STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1.  Create a PKCS12 certificate with a zero-length (i.e. the empty string, "") password.

2.  Try to load it into a KeyStore.  (Code is provided in the test case.)

EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
The certificate should be loaded into the KeyStore without any exception.

ACTUAL -
The actual result is an IOException indicating a divide by zero error.


ERROR MESSAGES/STACK TRACES THAT OCCUR :
Exception in thread "main" java.io.IOException: failed to decrypt safe contents entry: java.lang.ArithmeticException: / by zero
        at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1275)
        at java.security.KeyStore.load(KeyStore.java:1150)
        at CertTest.main(CertTest.java:12)
Caused by: java.lang.ArithmeticException: / by zero
        at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
        at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
        at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
        at com.sun.crypto.provider.SunJCE_ac.a(DashoA12275)
        at com.sun.crypto.provider.PKCS12PBECipherCore$PBEWithSHA1AndRC2_40.engineInit(DashoA12275)
        at javax.crypto.Cipher.a(DashoA12275)
        at javax.crypto.Cipher.a(DashoA12275)
        at javax.crypto.Cipher.init(DashoA12275)
        at javax.crypto.Cipher.init(DashoA12275)
        at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1271)
        ... 2 more

REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
import java.io.*;
import java.security.KeyStore;

public class CertTest {

	public static void main(String[] args) throws Exception {
		KeyStore keyStore = KeyStore.getInstance("PKCS12");
		FileInputStream fis = new FileInputStream("test.pfx");
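		// Zero-length password: this is the input that triggers the failure.
		char[] pwArray = "".toCharArray();
		// Throws IOException caused by ArithmeticException: / by zero
		keyStore.load(fis, pwArray);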
		fis.close();
	}
}
---------- END SOURCE ----------

CUSTOMER SUBMITTED WORKAROUND :
The only possible workaround is to use a different certificate that has a password with at least one character.  This is not always a viable solution.

Comments
EVALUATION Duplicate of 6415637.
24-01-2007
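
An added example, not part of the original report or of the JDK: a loader that closes the stream even when `load` fails and recognises the failure shown in the stack trace above (an `IOException` from `KeyStore.load` whose cause chain contains an `ArithmeticException`, with a zero-length password), so the caller gets a clear message instead of "/ by zero". The class name `Pkcs12LoadCheck` and its method names are hypothetical, and the code avoids Java 7 syntax so that it compiles on the runtimes named in the report.

```java
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;

// Added example (hypothetical class); not code from the report or the JDK.
public class Pkcs12LoadCheck {

    // Matches the reported failure: zero-length password plus an
    // ArithmeticException somewhere in the cause chain.
    static boolean isZeroLengthPasswordBug(Throwable t, char[] password) {
        if (password == null || password.length != 0) {
            return false; // the report covers only the "" password
        }
        for (Throwable c = t; c != null; c = c.getCause()) {
            if (c instanceof ArithmeticException) {
                return true;
            }
        }
        return false;
    }

    static KeyStore load(String path, char[] password)
            throws IOException, GeneralSecurityException {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        InputStream in = new FileInputStream(path);
        try {
            ks.load(in, password);
            return ks;
        } catch (IOException e) {
            if (isZeroLengthPasswordBug(e, password)) {
                IOException wrapped = new IOException(path
                    + ": PKCS12 load failed on a zero-length password (JDK-6516893)");
                wrapped.initCause(e);
                throw wrapped;
            }
            throw e; // any other failure is passed through unchanged
        } finally {
            in.close(); // runs on success and on failure
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed exception shaped like the trace in the report.
        IOException sample = new IOException("failed to decrypt safe contents entry");
        sample.initCause(new ArithmeticException("/ by zero"));
        System.out.println(isZeroLengthPasswordBug(sample, new char[0]));
        System.out.println(isZeroLengthPasswordBug(sample, "x".toCharArray()));
        if (args.length == 1) load(args[0], new char[0]); // optional: a real .pfx/.p12 path
    }
}
```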